|
HP OpenVMS Guide to System Security |
Security for the User |
|
Descriptions of Object Classes |
|
|
| |
A global section can provide access to a disk file (called a file-backed global section), provide access to dynamically created storage (called a page file-backed global section), or provide access to specific physical memory (called a page frame number [PFN] global section). A global section object may be either temporary or permanent.
The operating system supports two types of global section objects:
Naming
Rules
The name of the object is a string of 1 to 44 characters.
For group global sections, the name is qualified by your UIC group
number.
Types
of Access
The global section class supports the following types of access:
Template Profile
File-backed global sections share the security profile of
the associated disk file. Whenever the profile of the backing file
is modified, the global section's profile automatically changes.
To modify the protection elements of file-backed global sections,
you must modify the backing file instead.
The global section class provides the following template profiles. Although the template assigns an owner UIC of [0,0], this value is only temporary. As soon as the object is created, the operating system replaces a 0 value with the value in the corresponding field of the creating process's UIC.
| Type | Template Name | Owner UIC | Protection Code |
|---|---|---|---|
|
System
|
DEFAULT
|
[0,0]
|
S:RWE,O:RWE,G:RWE,W:RWE
|
|
Group
|
DEFAULT
|
[0,0]
|
S:RWE,O:RWE,G:RWE,W:RWE
|
The operating system modifies the templates according to the values provided in the prot argument to $CRMPSC. The prot argument is ignored for file-backed sections.
To maintain compatibility with earlier versions of the operating system, the DEFAULT templates have protection codes allowing world access. Some applications may need a more restrictive default than the templates provide. If you do choose to restrict global section access, be aware that the more restrictive access can cause applications to fail in ways that are difficult to diagnose.
Privilege Requirements
The SYSGBL privilege is required to create or delete a system
global section. The PFNMAP privilege is necessary to create or delete
a page frame section, and the PRMGBL privilege is required to create
or delete a permanent global section.
Kinds of Auditing Performed
The following types of events can be audited, provided the
security administrator enables auditing for the appropriate event
class:
| Event Audited | When Audit Occurs |
|---|---|
|
Creation
|
When a page file-backed
or a PFN global section is created by the Create and Map Section
system service ($CRMPSC).
|
|
Access
|
When an existing page file-backed
or a PFN global section is accessed with either $CRMPSC or the Map
Global Section system service ($MGBLSC). The operating system audits
access to a file-backed global section as a file access.
|
|
Deaccess
|
At image or process rundown
when the process virtual address space is reset or deleted.
|
|
Deletion
|
If a process with PRMGBL privilege, PFNMAP
privilege, or SYSGBL privilege (in the case of a system global section)
deletes a permanent global section, the operating system audits
the event through the use of privilege.
|
Permanence of the Object
A global section and its security profile need to be reset
after every system boot.
|
|
